Crack in the Armor - Windows Mobile Phone Security

Today a notice hit http://www.sophos.com about a Trojan infecting phones utilizing Microsoft Windows Mobile. This is making its way across China when the phone accesses one of several websites over there. It is only a matter of time before this affects Europe and North America.

The trojan, called winCE//infojack, it is wrapped together with several legitimate mini-games, including Mahjongg and a version of Tetris. The trojan is written in such a way that an unsuspecting user will install the package” on the mobile device.

Read the rest of this entry »

Another Certification Bites the Dust

While we are on the certification bandwagon I must apologize for the lack of material over the course of the last several days. I have been guilty of competing in the certification dance. This last weekend I took the GIAC PCI exam and this week I will be taking Cisco’s Wide Area Application Services exam. I will complete a post regarding these two exams later this week.

On to the news. Trusecure was recently sold off to Verizon (via CyberTrust). With this transaction happening the TICSA certification has been shut down. Now this might not be the most recognized certification around but it did hold some value. The nice thing is ISC is allowing holders of the certification to get there SSCP.

Here is the message from Verizon/CyberTrust/Trusecure:

Read the rest of this entry »